Barry King > Apache-Wyrd > Apache::Wyrd::Services::CodeRing

Download:
Apache-Wyrd-0.98.tar.gz

Dependencies

Annotate this POD

View/Report Bugs
Module Version: 0.98   Source  

NAME ^

Apache::Wyrd::Services::CodeRing - Apache-resident crypto tool (Blowfish)

SYNOPSIS ^

    my $cr1 = Apache::Wyrd::Services::CodeRing->new;
    my $key = $cr1->key;
    my $secret = "The turtle moves!"
    my $cytext = $cr1->encrypt($secret);

    my $cr2 = Apache::Wyrd::Services::CodeRing->new({key => $key});
    my $plaintext = ($cr2->decrypt($crptext)
      || die "Key or cypher text was corrupt");

DESCRIPTION ^

The CodeRing is an encryption/decryption object for use primarily for encrypting state information into cookies or hidden variables without exposing the data to deconstruction or corruption in transference.

It uses the blowfish algorithm via either a Crypt::Blowfish or Crypt::Blowfish_PP module, depending on which one compiles on this system, preferring the C-based one.

The CodeRing uses an internal hashing algorithm (SHA) to check the validity of the decrypt. If the decrypt shows alteration, it returns an empty string.

Unless the CodeRing is given a key on initialization, it uses an instance of the Apache::Wyrd::Services::Key class, which is designed to be a constant in primary server memory space. The Key, in this case, is "known" only to the Apache process, and is regenerated on each restart.

HTML ATTRIBUTES

attribute

attribute description

PERL METHODS

(format: (returns) name (arguments after self))

(Apache::Wyrd::Services::CodeRing) new ([hashref])

Create a new CodeRing. Accepts an optional hashref initialization. The hashref can have a key, key, the value of which will be the key used for encryption and decryption.

(scalar) key (void)

Return the value of the current key.

(scalarref) encrypt (scalarref)

Encrypt the text referred to by the argument. Returns a scalarref.

(scalarref) decrypt (scalarref)

Decrypt the text referred to by the argument. Returns a scalarref. The scalarref is zero-length on a failed decrypt.

BUGS/CAVEATS/RESERVED METHODS ^

Rather than returning an error, the decrypt method silently returns a ref to an empty string on an unsuccessful decrypt. The null byte ("\0") is used internally as a string terminator. Any item encrypted containing null bytes will not successfully decrypt.

AUTHOR ^

Barry King <wyrd@nospam.wyrdwright.com>

SEE ALSO ^

Apache::Wyrd::Services::Key

Shared-memory encryption key and cypher.

LICENSE ^

Copyright 2002-2007 Wyrdwright, Inc. and licensed under the GNU GPL.

See LICENSE under the documentation for Apache::Wyrd.

syntax highlighting: